Tencent Cloud CVM

The skill appears to implement a legitimate Tencent Cloud CVM toolkit, but its manifest, runtime instructions, and shipped scripts are inconsistent about required credentials and handle sensitive secrets (API keys and instance passwords) in ways you should review before installing.

This package is a full CLI/bash toolkit for Tencent Cloud CVM and will require your Tencent API keys and instance passwords to work — but the registry metadata did not declare those requirements. Before installing or running it: 1) Verify the source and trustworthiness of this bundle (no homepage provided). 2) Inspect the scripts locally (they are included) and confirm you are comfortable with plaintext password storage at ~/.tencent_cvm_passwords and the fact that scripts print passwords to stdout. 3) Prefer SSH key-based access over sshpass/passwords; if you must use passwords, restrict the password file (chmod 600) and consider storing secrets in a dedicated secret manager. 4) Be aware scripts can perform service management (systemctl) and file transfers — run them manually and avoid granting broad automation privileges. 5) If you expect the skill to be used by an agent, ensure the agent is not allowed to auto-run destructive operations; the metadata omission of required env vars should be corrected by the author before trusting automated workflows.